I am attempting to setup an ikev1 ipsec session with a device for
which the vendor has provided me with the necessary racoon config
however I am having trouble translating this to an equivalent
strongswan config and am hoping someone can point out where i am going
wrong. It's seems fairly straightforward however I am continually
getting the error "no ike config found". Both the initiator and
responder (strongswan) are behind nat however i have forwarded the
necessary ports and tested this works correctly with another
strongswan client (also behind nat) so I am confident that is not the
issue.
This is my racoon config;
path pre_shared_key “/etc/racoon/psk.txt”
_remote anonymous { _
_ exchange_mode main;__ _
_ proposal_check claim;__ _
_ proposal {__ _
_ encryption_algorithm aes;__ _
_ hash_algorithm sha1;__ _
_ authentication_method pre_shared_key;__ _
_ dh_group 2;__ _
_ }__ _
_ generate_policy on;__ _
_ nat_traversal on;__ _
_ peers_identifier user_fqdn “[email protected]”;__ _
_}_
_sainfo anonymous {__ _
_ encryption_algorithm aes;__ _
_ authentication_algorithm hmac_sha1;__ _
_ compression_algorithm deflate;__ _
_}_
psk.txt
[email protected] password_
and this is my strongswan config
ipsec.conf
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
conn test
keyexchange=ikev1
nat_traversal=yes
left=x.x.x.x _______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
